Joomla team has announces a new CMS release that is aimed to address multiple known vulnerabilities in Joomla core.
- Information Disclosure - Improper cache invalidation leads to disclosure of form contents
- XSS Vulnerability - Missing CSRF token checks and improper input validation lead to an XSS vulnerability.
- XSS Vulnerability - Inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components
Affected versions: Joomla! CMS versions 1.5.0 through 3.7.2
Recommended action: Upgrade to version 3.7.3